Want security updates only?

CloudBees uses continuous delivery to create rolling releases that are the most current and highest quality version of Jenkins available.
However, if you only need security updates, and no new features, we offer fixed releases.

CloudBees subfolder access with anonymous user issue

Issue

I want that anonymous user only have access to the content of a folder (folder-1) but not to the content of a subfolder inside that folder (folder-2) (folder-1/folder-2).

Environment

CloudBees Jenkins Enterprise

RBAC plugin

Resolution

Let’s say I have on my Jenkins dashboard the following job and folder.

And then inside my-folder-2 the following items:

The goal will be to grant the anonymous access to the elements inside my-folder-2, but not to the elements inside my-folder-3.

The first thing you need to do is to create a new role that I am going to call anonymous-internal with at least Overall/Read and Job/Read permission. Notice that in my example anonymous and authenticated users have Overall/Read permission.

Then, at my-folder-2 level I have created a new group of users called anonymous-internal-2, in which the “anonymous” user is a member. I granted to the anonymous-internal-2 user group the role “anonymous-internal” grated at current level and with the Propagates option enabled.

This group should then have a configuration like the one below:

The next step, it is still easiest. You just need to go at my-folder-3 level and filter-out the anonymous-internal role.